Practice Guide: Reliance by Internal Audit on Other Assurance Providers
Guidance | December 01, 2011
Ever-increasing compliance requirements and business complexity have driven companies to establish or procure other risk management and assurance functions. Examples of some internal assurance providers are identified as environmental compliance groups, quality management functions that focus on manufacturing activities, internal control teams that assess controls over financial reporting, and IT governance groups. These activities provide assurance on the areas they assessed and recommendations to strengthen the related controls, often in areas that are within the scope of internal audit’s work.
This practice guide provides guidance to the CAE and internal audit leadership on an approach for relying on the assurance provided by other internal or external assurance functions. A continuum of five principles determines the extent of reliance:
- Purpose
- Independence and Objectivity
- Competence
- Elements of Practice
- Communication of Results and Remediation
Nonmembers wishing to purchase this title may visit our Bookstore.